
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 

Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 223 1 3-1450 
www.uspto.gov 



APPLICATION NO. 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. | 


- CONFIRMATION NO. 


09/911,061 


07/23/2001 


Yihsiu Chen 


2001-0056 


3217 



7590 

Samuel H. Dworetsky 
AT&T CORP. 
P.O. Box 41 10 
Middletown, NJ 07748-41 10 



01/10/2008 



EXAMINER 



TRAN, NGHI V 



ART UNIT 



2151 



PAPER NUMBER 



MAIL DATE 



01/10/2008 



DELIVERY MODE 



PAPER 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



Commissioner for Patents 
United States Patent and Trademark Office 
P.O. Box 1450 
Alexandria, VA 22313-1450 

www.uspto.gov 



MAILED 

JAN 1 0 2008 
Technology Center 2100 



BEFORE THE BOARD OF PATENT APPEALS 
AND INTERFERENCES 




United States Patent and Trademark Office 



Application Number: 09/911,061 
Filing Date: July 23, 2001 
Appellant(s): Chen et al. 



William Ryan 
For Appellant 



Application/Control Number: 10/006,059 
Art Unit: 2151 



Page 2 



EXAMINER'S ANSWER 

This is in response to the appeal brief filed December 10, 2007 appealing from the 
Office action mailed October 11, 2006. 

(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of invention contained in the brief is correct. 
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(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
correct. 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

The following is a listing of the prior art of record relied upon in the rejection of 
claims under appeal: 

- Liu, (6,079,020) issued on June 20, 2000. 

- Larson et al., (2004/0107286) issued on June 03, 2004. 

(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

1 . Claims 22-27 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Liu, U.S. Patent No. 6,079,020 (hereinafter Liu), in view of Larson et al., 
U.S. Patent Application Publication No. 2004/0107286 (hereinafter Larson). 

2. With respect to claim 22, Liu teaches a method practiced at a network 
interface unit (NIU) directly connected to at least one local area network (LAN), 
said NIU also being connected to a non-secure node of a second network, which 
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second network is in packet communication with at least one access node of a 
secure virtual private network (VPN) [figs. 1-2 and see abstract], the method 
comprising: 

■ receiving data packets from at least one device on said at least one LAN 
[210], 

■ multiplexing said data packets into at least one packet data stream [col. 7, 
lns.8-67], 

■ modifying said packet data streams in a security server in said NIU in 
accordance with a secure communication protocol by encrypting packets in 
said data streams and encapsulating resulting encrypted packets [240]. 

However, Liu does not explicitly show providing network destination 
address information from a Domain Name System (DNS) server for at least 
selected ones of said data streams. 

In a method for establishing secure communication, Larson discloses 
providing network destination address information from a DNS server for at least 
selected ones of said data streams [paragraphs 0024, 0225, 0260-0268]. 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of the invention was made to modify Liu in view of Larson by providing 
network destination address information from a DNS server for at least selected 
ones of said data streams because this feature is enabled at a first computer 
without a user entering any cryptographic information for establishing the secure 
communication mode of communication [Larson, see abstract]. It is for this 
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reason that one of ordinary skill in the art at the time of the invention would have 
been motivated in order to automatically create of a VPN in response to a DNS 
server look-up function [Larson, paragraph 0261]. 

3. With respect to claim 23, Liu is silent on said modifying said packet data 
streams in a security server comprises modifying said packet streams in an 
IPsec server. 

In a virtual private network, Larson discloses said modifying said packet 
data streams in a security server comprises modifying said packet streams in an 
IPsec server [paragraph 0285]. 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of the invention was made to modify Liu in view of Larson by modifying 
said packet streams in an IPsec server because this feature is enabled at a first 
computer without a user entering any cryptographic information for establishing 
the secure communication mode of communication [Larson, see abstract]. It is 
for this reason that one of ordinary skill in the art at the time of the invention 
would have been motivated in order to automatically create of a VPN in response 
to a DNS server look-up function [Larson, paragraph 0261]. 

4. With respect to claim 24, Liu further teaches a method comprising: 

■ receiving at least one stream of data packets from said non-secure network 
[300 and 310], 
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■ filtering out packets in said streams of received packets that are not from said 
VPN network, said filtering being performed by a firewall in said security 
server [320], 

■ modifying said packets in said at least one stream by decrypting said packets 
in said at least one received data stream and decapsulating resulting 
decrypted packets, said decrypting and decapsulating being performed by 
said security server [340], 

■ demultiplexing said at least one stream of received data packets to form at 
least one demultiplexed stream of data packets for delivery to said at least 
one LAN [350]. 

5. With respect to claim 25, Liu further teaches authenticating client devices 
on said at least one LAN, and wherein packets from authenticated client devices 
on said at least one LAN that are received at said network interface device are 
processed as packets received from said VPN [col. 3, Ins. 1-61]. 

6. With respect to claim 26, Liu further teaches wherein said non-secure 
node of a second network is part of said NIU [131]. 

7. With respect to claim 27, Liu further teaches wherein said at least selected 
ones of said at least one packet data stream are applied to said non-secure node 
of said second network [fig.1]. 
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(10) Response to Argument 

In the remarks, applicant argued in substance that 

I. The Examiner has failed to make the necessary factual inquires and 
correct and complete factual finding necessary to provide the 
underpinnings required to establish obviousness of claims 22-27 in 
accordance with KSR. 

In response to Appellant's argument that the Examiner has failed to 
make the necessary factual inquires and correct and complete factual 
finding necessary to provide the underpinnings required to establish 
obviousness of claims 22-27 in accordance with KSR, the examiner 
respectfully disagree. The examiner recognizes that obviousness can 
only be established by combining or modifying the teaching of the prior art 
to produce the claimed invention where there is some teaching, 
suggestion, or motivation to do so found either in the references 
themselves or in the knowledge generally available to one of ordinary skill 
in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 
1988) and In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). 
In this case, it would have been obvious to one of ordinary skill in the art at 
the time of the invention was made to modify Liu in view of Larson by 
providing network destination address information from a DNS server for 
at least selected ones of said data streams because this feature is 
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enabled at a first computer without a user entering any cryptographic 
information for establishing the secure communication mode of 
communication [Larson, see abstract]. It is for this reason that one of 
ordinary skill in the art at the time of the invention would have been 
motivated in order to automatically create of a VPN in response to a DNS 
server look-up function [Larson , paragraph 0261]. 

II. Weight accorded claim preamble. 

In response to applicant's arguments, the recitation "at a network 
interface unit (NIU)" has not been given patentable weight because the 
recitation occurs in the preamble. A preamble is generally not accorded 
any patentable weight where it merely recites the purpose of a process or 
the intended use of a structure, and where the body of the claim does not 
depend on the preamble for completeness but, instead, the process steps 
or structural limitations are able to stand alone. See In re Hirao, 535 
F.2d 67, 190 USPQ 15 (CCPA 1976) and Kropa v. Robie, 187 F.2d 150, 
152, 88 USPQ 478, 481 (CCPA 1951). 

III. Examiner did accord weight to preamble and got it wrong. 

In response to applicant's arguments that examiner did accord 
weight to preamble and got it wrong, the examiner respectfully disagrees. 
First, the recitation "at a network interface unit (NIU)" has not been given 
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patentable weight because the recitation occurs in the preamble. A 
preamble is generally not accorded any patentable weight where it merely 
recites the purpose of a process or the intended use of a structure, and 
where the body of the claim does not depend on the preamble for 
completeness but, instead, the process steps or structural limitations are 
able to stand alone. See In re Hirao, 535 F.2d 67, 190 USPQ 15 (CCPA 
1976) and Kropa v. Robie, 187 F.2d 150, 152, 88 USPQ 478, 481 (CCPA 
1951). Second, Liu discloses at a network interface unit (NIU) [= network 
interface card 408] directly connected to at least one local area network 
(LAN) [= LAN 110 and/or 120], said NIU also being connected to a non- 
secure node of a second network [= public network 100], which second 
network is in packet communication with at least one access node of a 
secure virtual private network (VPN) [= VPN gateway 125] [fig. 1 ]. 
Therefore, the examiner did accord weight to preamble and Liu discloses 
claimed feature as show in the above 

IV. Liu is directed to a different purpose not employing Applicant's 
steps. 

In response to Appellant's argument that Liu does not teach or 
suggest a ,( NIU directly connected to at least one ... LAN" thereby 
permitting portability and use at many different LAN location, the examiner 
respectfully disagree. Liu discloses at a network interface unit (NIU) [= 
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network interface card 408] directly connected to at least one local area 
network (LAN) [= LAN 1 10 and/or 120], said NIU also being connected to 
a non-secure node of a second network [= public network 100], which 
second network is in packet communication with at least one access node 
of a secure virtual private network (VPN) [= VPN gateway 125] [fig.1]. 
Further, Applicant's argument does not commensurate with the scope of 
the claim. The claim 22 only recite the limitation of a method practiced at 
a network interface unit (NIU) directly connected to at least one local area 
network (LAN), said NIU also being connected to a non-secure node of a 
second network, which second network is in packet communication with at 
least one access node of a secure virtual private network (VPN). 
However, claim 27 does not recite the limitation of permitting portability 
and use at many different LAN location (emphasis added). Therefore, Liu 
discloses claimed feature as show in the above. 

V. One skilled in the relevant art would have no reason for "providing 
network destination address information from a Domain Name 
System (DNS) server ..." in Liu, and no reason to incorporate 
Larson's teaching in Liu. 

In response to Appellant's argument that no reason to incorporate 
Larson's teaching in Liu, the examiner respectfully disagree. The 
examiner recognizes that obviousness can only be established by 
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combining or modifying the teaching of the prior art to produce the claimed 
invention where there is some teaching, suggestion, or motivation to do so 
found either in the references themselves or in the knowledge generally 
available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1 071 , 
5 USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 21 
USPQ2d 1941 (Fed. Cir. 1992). In this case, it would have been obvious 
to one of ordinary skill in the art at the time of the invention was made to 
modify Liu in view of Larson by providing network destination address 
information from a DNS server for at least selected ones of said data 
streams because this feature is enabled at a first computer without a user 
entering any cryptographic information for establishing the secure 
communication mode of communication [Larson, see abstract]. It is for 
this reason that one of ordinary skill in the art at the time of the invention 
would have been motivated in order to automatically create of a VPN in 
response to a DNS server look-up function [Larson , paragraph 0261]. 

(11) Evidence Appendix 

None 



(12) Related Proceedings Appendix 

None 
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For the above reasons, it is believed that the rejections should be sustained. 



Respectfully submitted, 



NghiV. Tran 
January 05, 2008 



/ JOHN F0LLANSBEE 
flPERVlSORY PATENT EXAMINER 
U - —5Y CENTER 2100 



Conferee: 



JOHN FOLLANSBEE 
TECHNOLOGYJCENTER2100 
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